February 29, 2012

RSA Conference 2012: Hacktivism forcing organizations to look inward

Hackvistim is not just resulting in high-profile breaches and data loss, it's also shedding light on the neglect many organizations are showing security.

Hackvistim is not just resulting in high-profile breaches and data loss, it's also shedding light on the neglect many organizations are showing security, according to a keynote panel Wednesday at the RSA Conference in San Francisco.

"Companies are taking it too lightly," said Eric Strom, unit chief for the cyber division of the FBI. "They think these are just a bunch of kids fooling around. The reality is that it can destroy a business. The FBI has put a lot of resources toward this problem. We don't look at it as a small issue."

The FBI has attempted to create collaborative efforts among enterprises that have been attacked so they may share threat intelligence.

"Groups like Anonymous are helping the security cause by bringing it to the media and bringing those takedowns to light," said Grady Summer, a vice president at incident response firm Mandiant. "Companies are now becoming aware and worried."

Sharing cyber intelligence and the notion of seeking information from working groups and other security organizations has been a recurring discussion at this year's conference. The more that businesses are educated in threat prevention and management, the more prepared they'll be if something actually occurs.

While those in the security industry may see the primary motives of hacktivism as ways for individuals to express themselves politically, that's not to say that's always the case, according to the panel.

While the nature of Anonymous' motives may vary, the real concern lies with accountability. It's difficult to know what one is dealing with when an organization is loose-knit and devoid of leadership.

"Anonymous isn't an existential threat at all," said Misha Glenny, journalist and author of DarkMarket: Cyberthieves, Cybercops and You. "They're part of an issue that's out there and it's not going away. It's very difficult to get a handle on this."

Related Articles
Related Topics

Sign up to our newsletters

More in News

House Intelligence Committee OKs amended version of controversial CISPA

Despite the 18-to-2 vote in favor of the bill proposal, privacy advocates likely will not be satisfied, considering two key amendments reportedly were shot down.

Judge rules hospital can ask ISP for help in ID'ing alleged hackers

The case stems from two incidents where at least one individual is accused of accessing the hospital's network to spread "defamatory" messages to employees.

Three LulzSec members plead guilty in London

Ryan Ackroyd, 26; Jake Davis, 20; and Mustafa al-Bassam, 18, who was not named until now because of his age, all admitted their involvement in the hacktivist gang's attack spree.